Presentation is loading. Please wait.

Presentation is loading. Please wait.

Overview of Zero-Knowledge Systems Inc

Published byBertram French Modified over 6 years ago

Similar presentations

Presentation on theme: "Overview of Zero-Knowledge Systems Inc"— Presentation transcript:

1 Overview of Zero-Knowledge Systems Inc
Overview of Zero-Knowledge Systems Inc. and the Private Credentials Technology December 5th 2000 Eric Bergeron General Manager – Wireless Solutions All information contained within is CONFIDENTIAL AND PROPRIETARY INFORMATION © Zero Knowledge Systems Inc, November 18, Montreal, Canada. All rights reserved.

2 Privacy – What is it? Information self-determination
The claim of individuals, groups or institutions to determine for themselves when, how, and to what extent information about them is communicated to others Personally Identifiable Information (PII) is any information which can be used to identify a specific individual Not just name, address, SSN/SIN Data elements such as date of birth + zip code, or transactional history can narrow the focus down to a small enough group of people to be considered PII In an increasingly networked world, the privacy issue is becoming more and more important Ease and speed of information capture, storage and dissemination Online/offline profile matching Cross-site tracking using cookies, web bugs, etc. Internet connected appliances Wireless location-based tracking

3 OECD 8 Principles of Fair Information Practice
Defining Privacy vs. Security OECD 8 Principles of Fair Information Practice Collection Limitation Data Quality Purpose Specification Use Limitation Openness Individual Participation Accountability 5. Security safeguards Security is a sub-set of privacy. You can address all of your security concerns without addressing privacy.

4 Zero-Knowledge Private Credentials

5 Digital Certificates Sequences of zeros and ones (of a mathematical structure) Verifiable with 100 % accuracy by computers Transferable electronically (no human intervention, fast) Unforgeable (crypto protection) Can specify any kind of data

6

7 Drawbacks to organizations
Transaction delays Lost business (faulty/ irrelevant data, online connection fails) Central database verification Hard to protect databases against hackers and insiders Privacy standards bring compliance costs Manage CRLs / online validation

8 Privacy Concerns Traceability (CA, verifiers, wiretappers, intel. agencies) Discrimination (consults any database) No control over secondary use Revocation (CRL, online whitelists)

9 Private Credentials Similar to coins and public transport tickets (not identifiable) Encode attributes in the private key Selectively disclose the attributes Practical Security benefits

10

11 Selective Disclosure Show part of attribute data without revealing more (think: marker) More powerful than paper-based certificates (Boolean properties, n out of m, intervals) Works across different Private Credentials

12 Fraud Protections Reduce identity fraud
Eliminate central database risks Discourage lending (encode secret of user) Discourage discarding (tie unfavorable attributes in) Limited-show property (identity computable if shown too often)

13

14 Private Payment (E-Cash)
Special case of private credential System prototype is working today An attribute contains information about a currency (issuer, denomination, etc.). Always Revealed in the showing protocol An attribute contains personal information for “off-line fraud tracing”. Never revealed in the showing protocol The payment is the transcript of a showing protocol

15 Sample Applications Prepaid for Mobile Phones
Private Payment (e-cash) for ME-Commerce ID cards (with privacy) Road-toll and public transport pricing/ticketing Digital copyright protection (certificates permit use of works) Access control (VPNs, subscription services, Web sites, databases) Medical prescriptions / medical files Electronic voting Online auctions Financial securities trading Electronic gambling Loyalty schemes

16 Smartcard Implementation
Strong protection against loss, theft, extortion, lending,copying, discarding, etc. Uses mathematical primitives which are present in crypto enabled smartcards. Can be used in conjunction with desktop computer, PDA, etc. in which case we can use standard 8-bit smartcards.

Download ppt "Overview of Zero-Knowledge Systems Inc"

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
1 fairCASH: Concepts and Framework Yen Choon Ching Institute of Computer Science, University of Kiel, Germany Ver 3.1 15 Sept 2008.

1 fairCASH: Concepts and Framework Yen Choon Ching Institute of Computer Science, University of Kiel, Germany Ver Sept 2008.
Claudia Diaz, Hannelore Dekeyser, Markulf Kohlweiss, Girma Nigusse K.U.Leuven IDIS Workshop 29/05/2008 [Work done in the context of the ADAPID project]

Claudia Diaz, Hannelore Dekeyser, Markulf Kohlweiss, Girma Nigusse K.U.Leuven IDIS Workshop 29/05/2008 [Work done in the context of the ADAPID project]
Understanding Networked Applications: A First Course Chapter 14 by David G. Messerschmitt.

Understanding Networked Applications: A First Course Chapter 14 by David G. Messerschmitt.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
Section 6.3 Protecting Your Credit. Billing Errors and Disputes Notify your creditor in writing Notify your creditor in writing Pay the portion of the.

Section 6.3 Protecting Your Credit. Billing Errors and Disputes Notify your creditor in writing Notify your creditor in writing Pay the portion of the.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Chief Information Officer Branch Gestion du dirigeant principal de l’information “We will have a world class public key infrastructure in place” Prime.

Chief Information Officer Branch Gestion du dirigeant principal de l’information “We will have a world class public key infrastructure in place” Prime.
PKI versus Private Credentials1 Stefan Brands Zero-Knowledge Systems Inc. Montreal.

PKI versus Private Credentials1 Stefan Brands Zero-Knowledge Systems Inc. Montreal.
2 An Overview of Telecommunications and Networks Telecommunications: the _________ transmission of signals for communications (home net) (home net)

2 An Overview of Telecommunications and Networks Telecommunications: the _________ transmission of signals for communications (home net) (home net)
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
FIT3105 Security and Identity Management Lecture 1.

FIT3105 Security and Identity Management Lecture 1.
Using Digital Credentials On The World-Wide Web M. Winslett.

Using Digital Credentials On The World-Wide Web M. Winslett.
Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.

Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.
Check It Out 1. 2 Introductions Instructor and student introductions Module overview.

Check It Out 1. 2 Introductions Instructor and student introductions Module overview.
CAMP - June 4-6, 2003 1 Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin 2003. This work is the intellectual property of the authors.

CAMP - June 4-6, Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin This work is the intellectual property of the authors.
EPS (Electronic payment system) is an online business process used for fund transfer using electronic means, i.e  Personal computers  services  Mobile.

EPS (Electronic payment system) is an online business process used for fund transfer using electronic means, i.e  Personal computers  services  Mobile.
Www.nationalsmartcardproject.org.uk www.scnf.org.uk National Smartcard Project Work Package 8 – Security Issues Report.

National Smartcard Project Work Package 8 – Security Issues Report.
Wireless Password: 9166703926. ONLINE GAMING / GAMBLING KNOW - YOUR - CUSTOMER AND RISK MANAGEMENT.

Wireless Password: ONLINE GAMING / GAMBLING KNOW - YOUR - CUSTOMER AND RISK MANAGEMENT.
Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.

Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.

Similar presentations

Ads by Google